How can I use dumpcap to capture traffic only on port 53?

dumpcap

asked 2018-10-12 19:26:21 +0000

rpainter
1

updated 2018-10-13 14:34:01 +0000

grahamb

flag of United Kingdom of Great Britain and Northern Ireland

23835 ●4 ●976 ●227 https://www.wireshark.org

I have a server set up that runs a continuous capture for one of my branches. My current argument is:

"C:\Program Files\Wireshark\dumpcap.exe" -i 2 -b files:80 -b filesize:512000 -port 53 -w e:\Captures\COL3_VoIP_Capture.pcap

This works great for capturing ALL traffic. However, I want to set it up to only capture DNS queries. I have tried the following, but it doesn't seem to work.

"C:\Program Files\Wireshark\dumpcap.exe" -i 2 -f "port 53" -b files:80 -b filesize:512000 -port 53 -w e:\Captures\COL3_VoIP_Capture.pcap

Any help would be appreciated!

edit retag flag offensive close merge delete

add a comment

Your Answer

Please start posting anonymously - your entry will be published after you log in or create a new account.

How can I use dumpcap to capture traffic only on port 53?

1 Answer

Your Answer

Question Tools

Stats

Related questions

How can I use dumpcap to capture traffic only on port 53? edit

1 Answer

Your Answer

Question Tools

Stats

Related questions

How can I use dumpcap to capture traffic only on port 53?